linux/include/uapi
Sudeep Dutt 3b1cc9b962 misc: mic: fix possible signed underflow (undefined behavior) in userspace API

iovcnt is declared as a signed integer in both the userspace API and
as a local variable in mic_virtio.c. The while() loop in mic_virtio.c
iterates until the local variable iovcnt reaches the value 0. If
userspace passes e.g. INT_MIN as the iovcnt field, this loop then appears
to depend on an undefined behavior (signed underflow) to complete.
The fix is to use unsigned integers in both the userspace API and
the local variable.

This issue was reported @ https://lkml.org/lkml/2014/1/10/10

Reported-by: Mathieu Desnoyers <mathieu.desnoyers@efficios.com>
Reviewed-by: Ashutosh Dixit <ashutosh.dixit@intel.com>
Signed-off-by: Sudeep Dutt <sudeep.dutt@intel.com>
Cc: stable <stable@vger.kernel.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
2014-02-07 15:30:34 -08:00
..
asm-generic Merge branch 'x86-x32-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip 2014-01-29 18:22:16 -08:00
drm drm/i915: Spelling s/auxilliary/auxiliary/ 2014-01-22 09:58:24 +01:00
linux misc: mic: fix possible signed underflow (undefined behavior) in userspace API 2014-02-07 15:30:34 -08:00
mtd mtd: mtd-abi: add a helper to detect the nand type 2013-10-27 16:27:06 -07:00
rdma IB/core: Re-enable create_flow/destroy_flow uverbs 2013-11-17 08:22:09 -08:00
scsi
sound ALSA: compress: add num_sample_rates in snd_codec_desc 2014-01-07 18:33:40 +01:00
video
xen
Kbuild